The WOMBAT project

Worldwide Observatory of Malicious Behaviors and Attack Threats

The WOMBAT project aims at providing new means to understand the existing and emerging threats that are targeting the Internet economy and the net citizens. To reach this goal, the proposal includes three key workpackages: (i) real time gathering of a diverse set of security related raw data, (ii) enrichment of this input by means of various analysis techniques, and (iii) root cause identification and understanding of the phenomena under scrutiny. The acquired knowledge will be shared with all interested security actors (ISPs, CERTs, security vendors, etc.), enabling them to make sound security investment decisions and to focus on the most dangerous activities first. Special care will also be devoted to impact the level of confidence of the European citizens in the net economy by leveraging security awareness in Europe thanks to the gained expertise.


The objectives of this project are:

  1. to gather real-world data on threats and attacks
  2. to develop automated ways to analyze and enrich attack and malware data and
  3. to use the acquired knowledge to create early warning systems

R & D innovation

WOMBAT will create a large set of integrated repositories of malware data, along with techniques for mining such data for information such as current and future attack strategies by miscreants

Industrial relevance / Potential applications and future issues

Our industrial partners, France Telecom and Symantec, are already applying several of the technologies created during the project.

Type: EU FP7 STREP project

Duration: January 2008 – April 2011

Contacts: Stefano Zanero